Home
Why Us
Disaster Mitigation
Government Services
Integrated Virtualization
Microsoft Dynamics
Unified Communications
Solution Spotlights
Company Information
Login
Disaster Mitigation & Recovery Services
Improving business continuity through protection, planning, and restoration.

 Related Areas

• Unified Threat Management

• Network Security

• Unified Physical Infrastructure

• Managed Services


Describing Business Continuance
Businesses and organizations of all sizes increasingly depend on computerized data systems for their operations. Ensuring that these systems, and their stored data, keep operating is a critical component of business planning. Business continuance is the process of ensuring that all critical data and systems remain available or is restorable following hardware, software, maliciousness, or environmental problems interrupting normal business operations.
 
The Reality of Significant Loss
A November 2008 industry study1 by analyst Rubicon Consulting, revealed that on average, over 40% of small and medium businesses that do not have a Disaster Recovery Plans go out of business after major business data loss through hardware failure, software failure, maliciousness, or other environmental and natural disasters. 
 

Leading Causes of Data Loss with Companies of 100-250 employees.1

 

Other business loss highlights:

• Half of SMBs have permanently lost important business data from their computers.
• A third of the companies that lost data suffered lost sales as a result.
• Although hardware failure is the most common cause of data loss, midsize companies lose data in many different ways, some of them surprising. For example, a quarter of the midsize companies that lost data said they have had Incidents in which an employee erased it maliciously.
• About a quarter of SMBs do not back up their servers or PCs.
• Most SMBs are vulnerable to some forms of data loss from their PCs and servers because they store backup files in the same location as the computers backed up.
• As organizations increase in size, risk increases.

A Little Planning Goes a Long Way
There is no reason a temporary setback should turn into a permanent failure. The first step is to create a Business Continuity Plan.  A business continuity plan is a comprehensive plan for your entire organization spanning all locations and all sites which considers key components crucial to your recovery, and establishes a formal process to be followed to restore your business process when disaster occurs.
 
Your plan should also included step-by-step process for you and your staff to follow, covering such items as contacting your local authorities and insurance carriers, re-establishing data and voice facilities or service, sourcing equipment, restoring data, and all essentials needed to restore your organization's operational capability to do business.
 
Getting Started
Developing and managing a business continuity plan is a daunting task.  It requires strength in duality of knowledge about your business process and technology.  As an organization geared towards enabling business, we can help identify critical business process and their reliance on technology through cost analysis and business metrics.  Our experience in both managing and mitigating business loss is an intangible and invaluable aspect during planning and preparation phases.
For example, how do you decided what needs to be protected?
 
The simplest approach to business continuance is to treat all data as equal, and equally important to business operations. However, this approach leads to unnecessary cost and complexity; many areas of business technology infrastructure already have fault resilience and can handle the loss of one or more participants (i.e. VoIP, Routing, WINS, etc.). Furthermore, the design of these services is such that a failed service can often be quickly replaced and rebuilt. However, line-of-business applications and their associated data generally don’t enjoy this same level of protection. Messaging, database, resource planning, and other critical systems carry the data without which a business cannot operate, so it’s critical to ensure that those data are protected. Figure 1 illustrates the systems that are commonly protected versus those that often are not.

Figure 1: Infrastructure and line-of-business systems often have different degrees of protection
 
Business continuity planning is a complicated process that involves every aspect of business operations, from mundane concerns about office space and furniture to complex issues around automatic failover and transaction replay. The key point to remember is this: until critical line-of-business data can be restored, most other business resumption efforts cannot even begin.
 
Our Metrics for Business Continuity Planning
The decision as to what systems are worth protecting must be made based on business requirements and costs, particularly the cost of interrupted operations. Unplanned downtime costs money; it’s not uncommon for post-failure analysis to show direct costs of tens of thousands of dollars per hour for major outages. Those costs, of course, increase for businesses that are highly dependent on their data systems. Downtime costs can be precisely calculated and used to determine what level of investment in business continuity makes sense.
 
When considering any business continuity technology, establishing some baseline expectations is important.  It’s important to examine possible solutions in terms of two goals: data protection and data availability.  These goals can be measured using two quantitative measures:
• Recovery Time Objective (RTO) represents the amount of time between the start of an outage and the resumption of normal business operations. The RTO for an outage that can be resolved by reloading from a tape backup includes the time necessary to locate and mount the tape, the time required to restore the data from the tape, and any time necessary to post-process the restored data before restarting the downed applications.

 
• Recovery Point Objective (RPO) represent the point to which business data can be restored. This can be thought of as the latency between a production data set and its redundant or replicated copy. This latency may be expressed as a number of changes or a time interval; it measures how out-of-date the replicated copy will be compared to the original. For example, a nightly backup means that the RPO will be the time between when data was written to the tape and when the failure occurs: a failure any time on Tuesday has an RPO of Monday night.
Data availability requirements are usually expressed in terms of RTO, because the key factor that drives availability needs is the requirement to have access to critical data within a certain interval. By contrast, data protection requirements are usually expressed in terms of RPO. These requirements revolve around the need not to lose any important data. Data protection efforts often focus more on preserving access to the data under dire circumstances than on the amount of time required to regain access to the data if those circumstances occur.
 
Case Studies & References
  1. Data Backup for Small and Medium Businesses: Priorities, Current Practices, and Risks. Rubicon Consulting, Inc: November 28, 2008.